About me
Seasoned Cybersecurity GRC professional with 10+ years in banking and finance. As Manager of IT Security Risk Assessment & Change Management, I lead enterprise risk management, security assessments, compliance, and change governance. Expert in implementing global frameworks including ISO 27001, NIST, COBIT, SOC 2, SWIFT, and PCI DSS. I blend deep technical skills in vulnerability assessment, penetration testing, SIEM, and ethical hacking with strong governance and leadership to build resilient, secure banking environments. Passionate about turning risks into robust security postures.
M.A. in Project Management | B.Sc. in Computer Science
Skills and Tools
Governance & Compliance
ISO 27001 (ISMS Implementation & Audit Support)
PCI DSS Compliance
Security Policies & Procedures Development
Internal & External Audit Coordination
Control Design & Implementation
Regulatory Compliance Mapping
Risk Management & Assessment
Risk Assessment & Risk Register Management
Risk Treatment Planning
Business Impact Analysis (BIA)
Third-Party Risk Management
Vulnerability Assessment (VA)
Penetration Testing (PT) Coordination
Offensive Security & Testing
Ethical Hacking Methodologies
Web Application Security Testing
Burp Suite (Proxy, Scanner, Repeater)
OWASP Top 10 Testing
Reconnaissance & Enumeration
Basic Exploitation Techniques
Security Architecture & Engineering
Secure System Design Principles
Access Control & Identity Management
Network Security Concepts
Secure Configuration & Hardening
API Security Basics
Secure SDLC Awareness
Audit, Monitoring & Reporting
Security Audits & Gap Analysis
Control Effectiveness Review
Compliance Reporting
KPI / KRI Definition & Tracking
Log Review & Basic Monitoring
Documentation & Evidence Management
Security Awareness & Training
Security Awareness Programs
Phishing Awareness & Simulation Support
Policy Awareness Campaigns
End-User Training Materials
Social Engineering Risk Education
Compliance-Specific Awareness Training
Certifications and Achievements
Experience
Experienced in cybersecurity for over a decade, with hands-on expertise across technical, non-technical, and managerial roles. My background spans SOC operations, threat detection, incident response, and security assessments, alongside leadership responsibilities in coordinating teams and security initiatives. These represent my most recent and key professional experiences. For a complete and formal overview of my career history, please refer to my official resume.
GRC Manager
Bank of Abyssinia
Leading governance, risk, and compliance initiatives by defining security policies, managing risk assessments, and ensuring alignment with ISO 27001, PCI DSS, and internal security standards across the organization.
Senior IT Security Assessment Officer
Bank of Abyssinia
Conducting security assessments, vulnerability evaluations, and compliance reviews, while promoting security awareness to identify risks and strengthen security posture.
IT Security Assessment Officer
Bank of Abyssinia
Performing security assessments, vulnerability evaluations, and compliance checks, while supporting security awareness efforts to identify risks and improve overall security posture.
Senior Information Technology Security Expert
InfoSec Labs
Leading advanced security engineering, threat detection, and incident response, while promoting security awareness to strengthen system resilience and overall security posture.
My Works
A collection of my cybersecurity projects, certifications, GitHub contributions, and technical implementations in GRC, SIEM, VA/PT, and security engineering.
Testimonials
Establish a Secure Connection
Have a project, opportunity, or just want to say hi? Let’s connect.
Open to freelance, full-time and collaborations.
